<?php
header('content-type:text/html; charset=utf-8');
@$login=$_REQUEST['login'];
@$password=$_REQUEST['password'];


if(empty($login) || empty($password)){ //登录名密码都为 空 就提示登录信息不完整
	header('Refresh:2;url=/login.html');
	die('<h3>登录信息不完整</h3><a href="/login.html">返回重新登录</a>');
}


$pdo=new PDO('mysql:dbname=mydb;charset=utf8','root');
$s=$pdo->prepare('select id,password from user where login=:login');
$s->execute(array('login'=>$login));
$user=$s->fetch(PDO::FETCH_NAMED);

if(empty($user)){
	header('Refresh:2;url=/login.html');
	die('<h3>登录名不存在</h3><a>返回重新登录</a>');	
}
if ($user['password']!=$password){
	header('Refresh:2;url=/login.html');
	die('<h3>密码错误</h3><a>返回重新登录</a>');
}

unset($user['password']);
$user['login']=$login;

session_start();
$_SESSION['user']=$user;

header('Refresh:2;url=/tongxunlu.php');
die('<h3>登录成功</h3><a>访问主页</a>');